Advanced Malware removal

Status
Not open for further replies.
I work on PCs a lot on the side, and I constantly try to obtain knowledge to make me a better technician. Up until a couple of months ago, anytime the software at my disposal didn't properly remove malicious software I would say that it was impossible, and recommend a data backup and reformat of the system. While this does solve the issue, I want to become better at removing those nasty viruses such as SmitFraud and Virtumonde.

This is what I currently do:

-Turn off system restore
-Delete cookies
-Remove any suspicious looking programs
-Run PC Tools Registry Mechanic
-Run Spybot S&D (Safe Mode) - if unable to remove all, allow it to reboot.
-Run PC Tools Spyware Doctor (Safe Mode)
-Run AVG antivirus (Safe Mode)
-HijackThis - remove anything suspicious looking using Pacman's Startup List
-Run Registry Mechanic again
-Turn on system restore

On special occasions I'll use tools like Virtumondebegone or smitfraud fix but they don't get all variants of the virus.

So what I'd like to know most is, how do you guys decipher those ComboFix and HijackThis logs and know exactly what to remove? Are there other lists out there like Pacman's Startup List or is this something you learn through experience?

Thanks to anyone who takes the time to school me on some malware removal. :p
 
Deciphering the contents of logs is a pain, and made worse if you don't know what you are doing. The problem is that most of the software used to analyse logs appears to be commercially available and is expensive. I too would like to know more but the gurus keep their sources close!
 
PSU87, just for interest, as you posted the minimal things that you do to clean a system.
Please try www.hitmanpro.com. This program (free, of course) will remove every bug there is on your system.
It requires a high-speed Internet connection (lots of downloads)
And can take literally hours to complete (accept all tick)

The program is safe and worth you (and everyone) doing
I've become so comfortable with it, I now turn off firewalls before scan (too many safe firewall popups)

Please try it. I have hundreds of times. Never causing a fault.
 
Whew! Opinions do differ.
HitmanPro puts more junk on your computer than any other "cleaner" I know of. It uses a LOT of drive space.
You are safer and wiser to download and install manually only some of what HitManPro does automatically, and spreads your email address far and wide.

It merely collects, downloads and installs automatically well-known anti-spyware programs, such as CWShredder, Ad-AwareSE, Spybot S&D14, Spy Sweeper, Ewido Micro, Spyware Doctor, Spyware Blaster, NOD32, Windows security updates, hotfixes against unpatched security leaks, and other stuff that varies from month to month.

The automatic aspect means a system out of control in some cases. It will wipe out stuff without you being able to control what it does very well.
 
Thanks raybay for your review

Let's just say it's the PC tech shop preferred scanner (here we go!)
Due to its fully automated removal of 99% of all bugs

You can run the single Uninstall command once finished, which removes all programs installed by HitmanPro

If you do not wish me to post again, I will respectfully adhere to your wishes.

But as stated, I have successfully used (and uninstalled) it on many machines without a hitch. It is the ideal overnight scan; it even comes with an automated shutdown at the end.

Reviews on it are very high.
 
As I said, good opinions differ. I do not know one tech shop that uses it due to the problems it causes. We have been in the business since 1986.
We do not like it for the problems it causes, for the enormous space it uses, and for the spyware and adware that comes later. In fact, we detest it. But we do use a lot of the programs that it contains, albeit more recent versions.

However it is nice to know that you have a good opinion of it, and because of that, we will take another look.
 
Thank you

I would like to know your verdict, as it will impact on my posts

By the way I am not aware of any left over traces of spyware or adware, that comes later - after the single uninstall command
Actually I contacted the programmer last year on this, via direct email, and feel comfortable that it is spyware free (also by running my own tests)

I will wait for your final thoughts (please try on more than one system)

One of many reviews
http://www.lockergnome.com/blade/2007/01/19/hitmanpro-all-in-one-spyware-program-review/
By the way there is a rogue software under a similar name - this is Not it
 
kimsland said:
If you do not wish me to post again, I will respectfully adhere to your wishes.
ALL opinions are welcome :) Each system is different, just like the person on the keyboard is different.
The more background we gather, the more choices we have to work with :)

Like every other choice we make, it is always caveat emptor.
 
You have to like that collection of programs. The only ones that don't work well on my computer are the Microsoft programmes.
 